
<?php
	/**
	* @package ParkFind
	* @desc This is the register page. User is able to register through this page using inputed information.
	*/


	// Direct calling check
	if (!isset($_POST["first"]))
		die("Do not call this page directly");
		
	session_start();
	
	/**
	* @desc This include file connects to the database.
	*/
	require 'includes/connect.inc';
	
	// Store variables and clean them
	$first = mysql_real_escape_string($_POST["first"], $connection);	
	$last = mysql_real_escape_string($_POST["last"], $connection);	
	$email = mysql_real_escape_string($_POST["email"], $connection);
	$pass1 = mysql_real_escape_string($_POST["pass1"], $connection);
	$pass2 = mysql_real_escape_string($_POST["pass2"], $connection);
	
	$first = htmlentities($first);
	$last = htmlentities($last);
	
	// Make arrays
	$_SESSION["errors"] = array();
	$_SESSION["form"] = array();
	
	// Firstname validation		
	If (empty($first))	
		$_SESSION["errors"]["first"] = "First is empty";
		
	else if (!preg_match('/^[a-zA-Z]+$/', $first))
		$_SESSION["errors"]["first"] = "Only letters allowed";
		
	else if (strlen($first) > 30)
		$_SESSION["errors"]["first"] = "Maximum 30 characters";
		
	else	
	{
		$_SESSION["form"]["first"] = $first;
		unset($_SESSION["errors"]["first"]);
	}
	
	// Lastname validation
	If (empty($last))	
		$_SESSION["errors"]["last"] = "Last is empty";
		
	else if (!preg_match('/^[a-zA-Z]+$/', $last))
		$_SESSION["errors"]["last"] = "Only letters allowed";
	
	else if (strlen($last) > 30)
		$_SESSION["errors"]["last"] = "Maximum 30 characters";	
	
	else	
	{
		$_SESSION["form"]["last"] = $last;
		unset($_SESSION["errors"]["last"]);
	}
	
	// Email validation
	If (empty($email))	
		$_SESSION["errors"]["email"] = "Email is empty";
	
	else if (!preg_match('/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/', $email))
		$_SESSION["errors"]["email"] = "Email not a valid format";
	
	else if (strlen($email) > 50)
		$_SESSION["errors"]["email"] = "Maximum 50 characters";	
		
	else	
	{
		$_SESSION["form"]["email"] = $email;
		unset($_SESSION["errors"]["email"]);
	}
		
	// Password validation
	If (empty($pass1))	
		$_SESSION["errors"]["pass1"] = "Password is empty";	
	
	else if (strlen($pass) > 20)
		$_SESSION["errors"]["pass1"] = "Maximum 20 characters";
		
	else
		unset($_SESSION["errors"]["pass1"]);
	
	// Password 2 validation
	If (empty($pass2))	
		$_SESSION["errors"]["pass2"] = "Password is empty";	
		
	else if ($pass1 != $pass2)
		$_SESSION["errors"]["pass2"] = "Passwords do not match";
		
	else
		unset($_SESSION["errors"]["pass2"]);
	
	
	// If there were any errors, show the page again
	if (count($_SESSION["errors"]))
	{
		mysql_close($connection); // Close connection
		header("Location: register.php");
		exit;
	}

	
	// Try and find email
	$query = "SELECT email FROM users WHERE email='" . $email . "'";
	
	// Run query to find email
	if (!$result = mysql_query ($query, $connection))
		die("Find Email Query Failed");
		

	// If did not find any results...
	If ($rowsFound = mysql_num_rows($result) == 0) // Get how many rows returned		 
	{
		$query = "INSERT INTO users (user_id, firstname, lastname, email, password, role) "
		. "VALUES (NULL, "
		. "'" . $first. "', "
		. "'" . $last . "', "
		. "'" . $email. "', "
		. "'" . md5($pass1) . "', "
		. "'user')";
		
		// Add new user
		if (!$result = mysql_query ($query, $connection))
			header("Location: regreceipt.php?result=failed");
		else // Show success message		
			header("Location: regreceipt.php?result=success&first=".$first."&last=".$last."&email=".$email);
	}
	else
		// User already exists
		header("Location: regreceipt.php?result=exist");
	
	mysql_close($connection); // Close connection

	
?>
